<?php 

require_once('init.php');

include('inc/top.php');

if ($user->data['group_id'] != $mgmtgroup) { echo '<div id="main_yellow"><p>You must be an administrator to view this page.</p></div>'; } else {

$banningadminsid = $bandetailsrow['banned_by_id'];
$banningadminidq = mysql_query("SELECT id FROM sm_admins WHERE identity='$banningadminsid'");
$banningadminida = mysql_fetch_assoc($banningadminidq);
$banningadminid = $banningadminida['id'];
$banningadminnameq = mysql_query("SELECT name FROM sm_admins WHERE id='$banningadminid'");
$banningadminnamea = mysql_fetch_assoc($banningadminnameq);
$banningadminname = $banningadminnamea['name'];

if(isset($_POST['editban'])) {

$input_name = sanitizeString($_POST['input_name']);
$input_steamid = sanitizeString($_POST['input_steamid']);
$input_reason = sanitizeString($_POST['input_reason']);
$input_length = sanitizeString($_POST['input_length']);

mysql_query("UPDATE mysql_bans SET player_name='$input_name', steam_id='$input_steamid', ban_reason='$input_reason', ban_length='$input_length' WHERE id='$banid'") or die(mysql_error());
redirect("bandetails.php?banid=" . $banid);
} else

?>

<div id="main_gray"><h1>Edit Ban</h1></div>

<?php  if (empty($banid)) { echo "<div id='main_red'><p>No Ban Specified</p></div>"; } elseif (empty($bandetailsrow)) { echo "<div id='main_yellow'><p>Invalid Ban Specified</p></div>"; } else { ?>

<form method="post" action="editban.php?banid=<?php  echo $banid; ?>">

<table class="table" id="tableborder" cellspacing="3" cellpadding="5" align="center">
	<tr><td align="right"><b>Username:</b></td><td align="left"><input type="text" class="searchinput" name="input_name" value="<?php  echo $bandetailsrow['player_name']; ?>" /></td></tr>
	<tr><td align="right"><b>SteamID:</b></td><td align="left"><input type="text" class="searchinput" name="input_steamid" value="<?php  echo $bandetailsrow['steam_id']; ?>" /></a></td></tr>
	<tr><td align="right"><b>Reason:</b></td><td align="left"><input type="text" class="searchinput" name="input_reason" value="<?php  echo $bandetailsrow['ban_reason']; ?>" /></td></tr>
	<tr><td align="right"><b>Length:</b></td><td align="left">
	
	
	<SELECT NAME="input_length" class="searchinput">
		<option VALUE="<?php  echo $bandetailsrow['ban_length']; ?>"><?php  echo $bantime; ?></option>
		<option VALUE="0">Permanent</option>
		<option VALUE="1">1 Minute</option>
		<option VALUE="60">1 Hour</option>
		<option VALUE="720">12 Hours</option>
		<option VALUE="1440">1 Day</option>
		<option VALUE="10080">1 Week</option>
		<option VALUE="20160">2 Weeks</option>
		<option VALUE="43200">1 Month</option>
		<option VALUE="259200">6 Months</option>
		<option VALUE="518400">1 Year</option>
	</SELECT>
	
	</td></tr>
	<tr><td align="center" colspan="2"><form method="post" action="editban.php?banid=<?php  echo $banid; ?>"><input type="submit" class="searchbutton" name="editban" value="Edit Ban" />
	</table>
	
</form>

<table cellspacing="3" cellpadding "5" align="center">

	<tr valign="top">
		<td><input type="button" name="back" value="Back" class="searchbutton" onClick="javascript:history.back();"></td>
		
			<?php  if ($user->data['group_id'] == $mgmtgroup) { ?>
		
		<td><form action="editban.php?banid=<?php  echo $banid; ?>" method="post"><input type="submit" name="deleteban" value="Delete Ban" class="searchbutton" /></form></td>
		
			<?php  } ?>
	</tr>
</table>

<?php 
if ($user->data['group_id'] == $mgmtgroup)
{

if(isset($_POST['deleteban'])) {

mysql_query("DELETE FROM mysql_bans WHERE id='$banid'") or die(mysql_error());
redirect('bans.php');
}
}
}
}
include('inc/bottom.php');
 ?>